cas server端正常运行,也可以登陆: client 端的配置: web.xml:
<filter> <filter-name>sso</filter-name> <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name> <param-value>https://localho:8443/sso-server/login</param-value> </init-param> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name> <param-value>https://localhost:8443/sso-server/serviceValidate</param-value> </init-param> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name> <param-value>localho:8088</param-value> </init-param> </filter> <filter-mapping> <filter-name>sso</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
现在访问客户端:http://localhost:port/project/自动跳转到https://localhost:8443/cas-server 验证登陆,也登陆成功,也获得了ticket, 但是回跳的时候,就报错了: http://localhost:8088/castest1/?ticket=ST-2-4y6GgXW9ue3fd0Fg9CL6
HTTP Status 500 - type Exception report message description The server encountered an internal error () that prevented it from fulfilling this request. exception javax.servlet.ServletException: edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[https://www.sso-demo.com:8443/sso-server/serviceValidate] ticket=[ST-1-aptbOwbIcCvNn2zw6gtH] service=[http%3A%2F%2Fwww.sso-demo.com%3A8088%2Fcastest1%2F] renew=false]]] edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:381) edu.yale.its.tp.cas.filter.EncodingFilter.doFilter(EncodingFilter.java:42) root cause edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[https://www.sso-demo.com:8443/sso-server/serviceValidate] ticket=[ST-1-aptbOwbIcCvNn2zw6gtH] service=[http%3A%2F%2Fwww.sso-demo.com%3A8088%2Fcastest1%2F] renew=false]]] edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:51) edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455) edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378) edu.yale.its.tp.cas.filter.EncodingFilter.doFilter(EncodingFilter.java:42) root cause javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591) com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187) com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181) com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:975) com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123) com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516) com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454) com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884) com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096) com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123) com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1107) sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:405) sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166) sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:977) sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234) edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:84) edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:212) edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:49) edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455) edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378) edu.yale.its.tp.cas.filter.EncodingFilter.doFilter(EncodingFilter.java:42) root cause sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285) sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191) sun.security.validator.Validator.validate(Validator.java:218) com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126) com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209) com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249) com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:954) com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123) com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516) com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454) com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884) com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096) com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123) com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1107) sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:405) sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166) sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:977) sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234) edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:84) edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:212) edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:49) edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455) edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378) edu.yale.its.tp.cas.filter.EncodingFilter.doFilter(EncodingFilter.java:42) root cause sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174) java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238) sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280) sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191) sun.security.validator.Validator.validate(Validator.java:218) com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126) com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209) com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249) com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:954) com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123) com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516) com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454) com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884) com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096) com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123) com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1107) sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:405) sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166) sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:977) sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234) edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:84) edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:212) edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:49) edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455) edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378) edu.yale.its.tp.cas.filter.EncodingFilter.doFilter(EncodingFilter.java:42) note The full stack trace of the root cause is available in the Apache Tomcat/6.0.29 logs.
你的JDK证书有问题,TOmcat用的JDK和你到证书的JDK是同一个JDK######这个意识是不能是同一个JDK ,是么?######确实如此,最后把cer证书导入到jre,成功!######被骗了,果断记仇###### 您好,请问tomcat使用的信任证书路径怎么找?
###### 这是证书机构提供的教程:
http://www.trustasia.com/support/install/
http://verisign.itrus.com.cn/html/fuwuyuzhichi/fuwuqizhengshuanzhuangpeizhizhinan/
你去看看 ###### ssl证书技术支持中心技术文档 :
http://www.etsec.com.cn/service/guide/
版权声明:本文内容由阿里云实名注册用户自发贡献,版权归原作者所有,阿里云开发者社区不拥有其著作权,亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容,填写侵权投诉表单进行举报,一经查实,本社区将立刻删除涉嫌侵权内容。